"Chevron is the first U.S. company to acknowledge that its systems were infected by Stuxnet, although most security experts believe the vast majority of hacking incidents go unreported for reasons of security or to avoid embarrassment," King writes. "The devices used in industrial equipment and targeted by Stuxnet are made by huge companies, including Siemens (whose devices were in use at Iran’s facility). Millions of these devices have been sold around the world, so potentially every industrial company that uses these devices, called programmable logic controllers, or PLCs, are at risk of being infected."

"Stuxnet, which is alleged to be part of a US-led operation to stop Iran from becoming nuclear weapons-capable, infiltrated nuclear enrichment facilities in Natanz, Iran, in 2010 and successfully modified its industrial grade equipment to malfunction," writes ZDNet's Michael Lee. "Stuxnet's payload was specific to the systems in place in Iran, but its spreading mechanism was not as picky. As a result, the malware managed to escape from the facility and spread far beyond its initial target."

"Analysts and former US military officers have touted cyber attacks as a more effective weapon against Iran's nuclear ambitions than bombing raids, which they say would carry big risks without causing permanent damage to the program," AFP reports. "But Chevron officials said the virus spread beyond Washington's control. 'I don't think the US government even realized how far (the virus) had spread,' Mark Koelmel, who oversees earth-science research and development at Chevron, told the Wall Street Journal."